This topic includes a list of all the WSO2 Identity Server extension points related to OAuth and OpenID Connect (OIDC).

...

Client Authentication Handler

Usage

This extension point can be used when client credential authentication needs to be customized when issuing tokens. By default, the Identity Server validates the client ID and secret.

Interface

org.wso2.carbon.identity.core.handler.AbstractIdentityHandler

Abstract Class

org.wso2.carbon.identity.oauth2.client.authentication.AbstractOAuthClientAuthenticator

Default Implementation

org.wso2.carbon.identity.oauth2.token.handlers.clientauth.BasicAuthClientAuthHandler

Configuration
<EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" name="full qualified class name of client authentication handler" orderId="order Id" enable="true">
	<Property name="name">property value</Property>
</EventListener>

OAuth Token Generator

Usage

This extension point can be used to change how access tokens, refresh tokens, and authorization codes are generated. By default, a UUID is generated as the token value.

Tip

This extension point can be used to generate a self-contained access token: a token that itself carries all the information required to validate it, along with the user profile information.
For example, a JWT with a payload like the one below, followed by the signature of the token issuer, can be used as a self-contained access token.

{
 "sub" : "larry",
 "scp" : [ "openid", "email", "app:write" ],
 "iss" : "http://idp.example.com",
 "iat" : 1360050795,
 "exp" : 1360053600
}

For more information on implementing a self-contained access token as an extension to the WSO2 Identity Server, refer to this blog.
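The sketch below is an added example, not WSO2 code or code from the original page. It shows what "self-contained" means for a resource server: the token from the tip above is checked locally for signature, issuer, expiry and scope. It assumes an HMAC-SHA256 (HS256) signature with a constructed shared key in place of the issuer's real signing key, and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"      # constructed; stands in for the issuer's key
ISSUER = "http://idp.example.com"  # "iss" value from the payload on this page
PAYLOAD = {"sub": "larry", "scp": ["openid", "email", "app:write"],
           "iss": ISSUER, "iat": 1360050795, "exp": 1360053600}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue(payload: dict, key: bytes = KEY) -> str:
    """Issuer side: header.payload.signature."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(b64url(json.dumps(p).encode()) for p in (header, payload))
    return signing_input + "." + b64url(sign(signing_input, key))

def validate(token: str, required_scope: str, now: int, key: bytes = KEY) -> dict:
    """Resource-server side: no call back to the identity server is needed."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    if header.get("alg") != "HS256":  # pin the algorithm; reject "none" and others
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(sig, sign(f"{head_b64}.{body_b64}", key)):
        raise ValueError("bad signature")
    if claims.get("iss") != ISSUER:
        raise ValueError("unknown issuer")
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("expired")
    scopes = claims.get("scp")
    if not isinstance(scopes, list) or required_scope not in scopes:
        raise ValueError("insufficient scope")
    return claims
```

Because nothing is looked up at the identity server, a token issued this way stays valid until its exp time, so short lifetimes matter more than with the default UUID tokens.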


Interface

org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer

Default Implementation

org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl

Configuration
<IdentityOAuthTokenGenerator>full qualified class name of oauth token generator</IdentityOAuthTokenGenerator>

...